@@ -409,17 +409,12 @@ The overall risk related to each use case should be considered as a result of co
#### 4.5.1.3 Skill Level of SIEM Adminsitrator
#### 4.5.1.3 Skill Level of SIEM Adminsitrator
**\[ADM]**: The availability and skill of intended and foreseeable administrators.
**\[ADM]**: Product is intended for use by and skill of intended and foreseeable administrators.
- ADM-0 Full time security specialist administrator
- ADM-0 Full time security specialist administrator
- ADM-1 Part time security specialist administrator
- ADM-1 Part time security specialist administrator
- ADM-2 IT generalist adminstrator (full or part time)
- ADM-2 IT generalist adminstrator (full or part time)
> <mark>Things to consider</mark>:
>
> 1. How well the admin knows the company?
> 1. Is this a quality thing for the product? If so, should be removed.
#### 4.5.1.4 SIEM System Deployment Isolation
#### 4.5.1.4 SIEM System Deployment Isolation
**\[ISO]**: The degree that the SIEM system shares resources with other organizations.
**\[ISO]**: The degree that the SIEM system shares resources with other organizations.
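Review bot: the [ADM] definition that reads "Product is intended for use by and skill of intended and foreseeable administrators." does not parse, because "use by" and "skill of" do not share an object. If that is the wording being kept, rewrite it as a single noun phrase in the style of the [ISO] definition below it, for example "The availability and skill level of the intended and foreseeable administrators of the product." The heading "Skill Level of SIEM Adminsitrator" and the ADM-2 entry "adminstrator" are misspelled on both sides and could be corrected in the same change. The "Things to consider" block is present on only one side of the hunk, and its second question (whether this factor is a product quality matter that should be removed) is left unanswered in the text, so the decision should be recorded in the commit message or the section itself.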
@@ -664,7 +659,7 @@ All remote data processing solutions are components of the product, but their us
While a product's employment of an RDPS may create additional security requirements related to its remote nature and affect the tools available to an assessor, use of an RDPS does not significantly change the security requirements associated with the product's use or functions. A remote data processing solution is a component of the product when it has been designed by or for the manufacturer or is in the the manufacturer's responsibility, and it is necessary for the product to perform its intended functions.
While a product's employment of an RDPS may create additional security requirements related to its remote nature and affect the tools available to an assessor, use of an RDPS does not significantly change the security requirements associated with the product's use or functions. A remote data processing solution is a component of the product when it has been designed by or for the manufacturer or is in the the manufacturer's responsibility, and it is necessary for the product to perform its intended functions.
A remote data processing solution is a component of the product when it has been designed by or for the manufacturer or is in the manufacturer's control, and it is necessary for the product to perform its intended functions. Remote data processing solutions can perform any function of the product and are not limited to a product's core functions. Common uses of RDPS include remote storage of profile or configuration data, often to enable similar devices to use or access the data from a web interface.
Remote data processing solutions can perform any function of the product and are not limited to a product's core functions. Common uses of RDPS include remote storage of profile or configuration data, often to enable similar devices to use or access the data from a web interface.
The system can also be a log storage or metrics collection endpoint, which is part of the product design, but those have dedicated sections in the present document with detailed requirements.
The system can also be a log storage or metrics collection endpoint, which is part of the product design, but those have dedicated sections in the present document with detailed requirements.
The CRA has a subtle difference in how the application is designed. A website that is accessed with a browser is not in scope, but an online service which is used from an installed application is in scope.
The CRA has a subtle difference in how the application is designed. A website that is accessed with a browser is not in scope, but an online service which is used from an installed application is in scope.
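Review bot: the paragraph at the top of this hunk still contains "is in the the manufacturer's responsibility" (doubled "the") on both sides, and since this change already touches the duplicated definition sentence it should fix that too. The standalone copy of the definition says "in the manufacturer's control" while the paragraph copy says "in the ... manufacturer's responsibility"; these are not equivalent when deciding whether a third-party service counts as a component of the product, so confirm which term is intended and use it consistently. The closing statement that a browser-accessed website is out of scope but a service used from an installed application is in scope carries no reference; a pointer to the CRA provision it relies on would make it checkable.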
@@ -678,7 +673,6 @@ General risks to consider with RDPS:
| Integrity | Data alteration | Hashing, encryption |
| Integrity | Data alteration | Hashing, encryption |
| Storage | Multitenant data leaks | Encryption at rest |
| Storage | Multitenant data leaks | Encryption at rest |
| Internal | Insider abuse | Usage monitoring |
The remote data processing system can be a central component for the product and render the product unusable if not avalaible.
The remote data processing system can be a central component for the product and render the product unusable if not avalaible.
As distruptions in the services are not uncommon, it is important for product architectural design to show how the product functionality changes, if the RDPS is not available. ([REQ-RDPS-0])
As distruptions in the services are not uncommon, it is important for product architectural design to show how the product functionality changes, if the RDPS is not available. ([REQ-RDPS-0])
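Review bot: the row "| Internal | Insider abuse | Usage monitoring |" appears on only one side of this hunk and the new side is one line shorter, so after the change the risk table no longer lists insider abuse at the RDPS. The remaining Integrity and Storage rows do not cover misuse by authorized staff of the service operator, so either keep the row or point to the section where that risk is handled. In the unchanged text below the table, "avalaible" and "distruptions" are misspelled, and the reference "([REQ-RDPS-0])" is ambiguous because two requirements carry that identifier in the requirements list.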
@@ -693,6 +687,8 @@ The CRA [\[i.1\]](#_ref_i.1) Article 3(2) defines that an RDPS is under the resp
RDPS sepcific requirements:
RDPS sepcific requirements:
-**[REQ-RDPS-0]:** Dependent RDPS systems are listed in the technical documentation.
-**[REQ-RDPS-0]:** Dependent RDPS systems are listed in the technical documentation.
- how deep the listing would need to be?
-
-**[REQ-RDPS-0]:** Product functionality is described in case connectivity to RDPS is not available.
-**[REQ-RDPS-0]:** Product functionality is described in case connectivity to RDPS is not available.
-**[REQ-RDPS-1]:** Data processed or stored in the RDPS is well defined.
-**[REQ-RDPS-1]:** Data processed or stored in the RDPS is well defined.
-**[REQ-RDPS-2]:** Criticality of the processed or stored data is defined.
-**[REQ-RDPS-2]:** Criticality of the processed or stored data is defined.
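Review bot: two different requirements in this list are both labelled [REQ-RDPS-0] ("Dependent RDPS systems are listed in the technical documentation." and "Product functionality is described in case connectivity to RDPS is not available."), so any cross-reference to REQ-RDPS-0 cannot be resolved to one of them; renumber so each identifier is unique. The added sub-item "how deep the listing would need to be?" places an open editorial question inside a normative requirement list, followed by an empty "-" bullet; move the question to a marked note or an issue, or answer it by stating the required depth (for example direct dependencies only), and drop the empty bullet. The list items start with "-**[" without a space after the dash, which many Markdown renderers will not treat as a list, and "sepcific" in the lead-in line is misspelled.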